KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder 安全漏洞

KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder is a professional encoding device from KiloView UK. A security vulnerability exists in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder version 1.20.0006, which stems from a problem with the systemctrl API System/reFactory compone...

CVE-2024-8956 PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...

CVE-2024-8957

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntpaddr configuration value which may lead to arbitrary command execution when ntpclient is started. When chained with CVE-2024-8956, a remote and...

PTZOptics PT30X-SDI/NDI-xx 安全漏洞

PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40, which stems from insufficient validation of the ntpaddr configuration value. An attacker could use this vulnerability to execute arbitrary...

PTZOptics PT30X-SDI/NDI-xx 安全漏洞

PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40 that stems from insufficient authentication. An attacker exploiting this vulnerability could disclose sensitive data such as usernames,...

sdi.com.au Cross Site Scripting vulnerability OBB-3848545

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality

Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...

Security Bulletin: IBM Security Directory Server is vulnerable to path traversal (CVE-2022-33164)

Summary A Security Vulnerability that affects the IBM Security Directory Server was addressed in the IBM Security Directory Integrator product. Vulnerability Details CVEID:CVE-2022-33164 DESCRIPTION: IBM Security Directory Server could allow a remote attacker to traverse directories on the system...

GE Gas Power ToolBoxST

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Gas Power Equipment: ToolBoxST Vulnerabilities: Improper Restriction of XML External Entity Reference, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result...

Unauthorized Access Vulnerability in K401LX at Samsung (China) Investment Co.

Samsung China Investment Co., Ltd. is the headquarters of Samsung Group in China. By the end of 2008, 20 out of more than 30 companies under Samsung have invested in China, including Samsung Electronics, Samsung SDI, Samsung SDS and Samsung Electro-Mechanics. An unauthorized access vulnerability...

CVE-2019-2295

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

CVE-2019-2295

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

CVE-2019-2295

CVE-2019-2295 describes information disclosure caused by a missing address range check in the SysDBG buffers within SDI code. The weakness affects Qualcomm Snapdragon platforms across multiple families (including Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice ...

Security Bulletin: There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition Version 7.0 and Version 8.0 that is used by Security Directory Integrator. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition Version 7.0 and Version 8.0 that is used by Security Directory Integrator. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019 Vulnerability Details CVE-2019-4473 Description On t...

Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure

Teradek Slice 7.3.15 snapshot.cgi Stream Disclosure Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: Firmware Version:7.3.15 build 31735 Hardware Version: 2.1 Summary: Built on the award-winning Cube platform, Slice is a rack mount HEVC / H.264 codec designed to fi...

Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure

Summary Built on the award-winning Cube platform, Slice is a rack mount HEVC / H.264 codec designed to fit seamlessly into your broadcast studio. Like the Cube, Slice encoders and decoders includes 3G-SDI and HDMI I/O, Ethernet and WiFi connectivity, and full duplex IFB. Description Slice suffers...

Open Source Full Featured Network Operating System: OpenSwitch

Open Source Full Featured Network Operating System OpenSwitch provides a fully-featured L2/L3 control plane stack, traditional and programmatic, declarative control plane. The 24×7 nature of global digital economy and the explosion of data have changed how we think about data center networking...

Cisco PIX/ASA Windows NT域绕过认证漏洞

BUGTRAQ ID: 31864 CVECAN ID: CVE-2008-3815 PIX是一款防火墙设备，可为用户和应用提供策略强化、多载体攻击防护和安全连接服务；自适应安全设备（ASA）是可提供安全和VPN服务的模块化平台。 由于Microsoft Windows NT域认证问题，Cisco ASA和Cisco PIX设备可能受VPN绕过认证漏洞的影响。配置了基于IPSec或SSL远程访问VPN的Cisco ASA或Cisco PIX安全设备存在这个漏洞，攻击者可以通过远程访问基于IPSec或SSL的VPN成功连接到Cisco ASA设备。 Cisco ASA或Cisco...

CVE-2001-0144

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow...

CVE-2001-0144

Technical details about CVE-2001-0144 are not provided in the connected documents. The Initial Description notes an SSH1 CRC-32 overflow issue, but no vendor/version/exploit data is supplied here. Monitor for updates and disclose when more info becomes public.